I hope I did it right; as for what I was supposed to copy, I hope it was supposed to be just this
Quote:
File::
c:\documents and settings\All Users\Application Data\Avg8
Folder::
c:\program files\AVG
without this
ComboFix 09-01-07.01 - Administrator 2009-01-07 20:10:29.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1023.568 [GMT 1:00]
Running from: c:\documents and settings\Administrator\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Administrator\Desktop\CFScript.txt
AV: avast! antivirus 4.8.1296 [VPS 090107-0] *On-access scanning disabled* (Updated)
* Created a new restore point
[COLOR=RED][B]WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !![/B][/COLOR]
FILE ::
c:\documents and settings\All Users\Application Data\Avg8
.
((((((((((((((((((((((((( Files Created from 2008-12-07 to 2009-01-07 )))))))))))))))))))))))))))))))
.
2009-01-07 19:41 . 2009-01-07 19:46 <DIR> d--h-c--- c:\documents and settings\All Users\Application Data\~0
2009-01-07 19:41 . 2009-01-07 19:41 <DIR> d-------- c:\documents and settings\Administrator\Application Data\Uniblue
2009-01-07 18:00 . 2009-01-07 18:00 <DIR> d-------- c:\documents and settings\All Users\Application Data\Avg8
2009-01-07 17:31 . 2009-01-07 17:31 <DIR> d-------- c:\program files\Alwil Software
2009-01-07 16:56 . 2009-01-07 16:56 <DIR> d-------- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2009-01-07 16:55 . 2009-01-07 16:55 <DIR> d-------- c:\program files\SUPERAntiSpyware
2009-01-07 16:55 . 2009-01-07 16:55 <DIR> d-------- c:\documents and settings\Administrator\Application Data\SUPERAntiSpyware.com
2009-01-07 12:19 . 2009-01-07 12:19 <DIR> d-------- c:\program files\Trend Micro
2009-01-07 12:08 . 2009-01-07 12:08 <DIR> d-------- c:\windows\ServicePackFiles
2009-01-07 12:07 . 2004-08-04 00:56 2,897,920 --------- c:\windows\system32\xpsp2res.dll
2009-01-07 12:06 . 2004-07-17 11:40 19,528 --a------ c:\windows\002509_.tmp
2009-01-07 12:05 . 2009-01-07 12:05 <DIR> d-------- c:\windows\EHome
2009-01-07 00:51 . 2009-01-07 00:51 <DIR> d-------- c:\program files\FreePack
2009-01-07 00:51 . 2009-01-07 00:53 94 --a------ c:\windows\Folders.ini
2009-01-07 00:46 . 2009-01-07 00:48 <DIR> d-------- c:\program files\Girder
2009-01-07 00:45 . 2009-01-07 00:45 <DIR> d-------- c:\program files\Foxit Software
2009-01-07 00:45 . 2009-01-07 00:45 <DIR> d-------- c:\documents and settings\Administrator\Application Data\Foxit
2009-01-07 00:42 . 2009-01-07 01:00 <DIR> d-------- C:\ProgDVB
2009-01-07 00:36 . 2009-01-07 00:36 <DIR> d-------- c:\program files\DVBViewerTE
2009-01-07 00:34 . 2009-01-07 00:34 <DIR> d-------- c:\program files\TechniSat DVB
2009-01-07 00:34 . 2004-03-10 23:37 1,045,776 --a------ c:\windows\system32\msjet35.dll
2009-01-07 00:34 . 2004-03-10 23:37 368,912 --a------ c:\windows\system32\vbar332.dll
2009-01-07 00:34 . 2004-03-10 23:37 252,176 --a------ c:\windows\system32\msrd2x35.dll
2009-01-07 00:34 . 2004-03-10 23:37 123,664 --a------ c:\windows\system32\Msjint35.dll
2009-01-07 00:34 . 2004-05-02 20:30 118,784 --a------ c:\windows\system32\SkyDll.dll
2009-01-07 00:34 . 2004-05-02 20:30 118,784 --a------ c:\windows\system32\Sky2PCUI.dll
2009-01-07 00:34 . 2004-04-13 13:15 102,400 --a------ c:\windows\system32\libbz2.dll
2009-01-07 00:34 . 2004-03-10 23:37 24,848 --a------ c:\windows\system32\msjter35.dll
2009-01-07 00:33 . 1998-10-29 16:45 306,688 --a------ c:\windows\IsUninst.exe
2009-01-07 00:32 . 2004-05-02 20:30 451,816 -ra------ c:\windows\system32\drivers\SkyNET.sys
2009-01-07 00:04 . 2009-01-07 00:05 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware
2009-01-07 00:04 . 2009-01-07 00:04 <DIR> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-01-07 00:04 . 2009-01-07 00:04 <DIR> d-------- c:\documents and settings\Administrator\Application Data\Malwarebytes
2009-01-07 00:04 . 2009-01-04 18:38 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2009-01-07 00:04 . 2009-01-04 18:38 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2009-01-06 23:34 . 2009-01-06 23:34 <DIR> d-------- c:\documents and settings\Administrator\Application Data\ACD Systems
2009-01-06 23:33 . 2009-01-06 23:33 <DIR> d-------- c:\program files\Common Files\ACD Systems
2009-01-06 23:33 . 2009-01-06 23:33 <DIR> d-------- c:\program files\ACD Systems
2009-01-06 23:33 . 2009-01-06 23:33 <DIR> d-------- c:\documents and settings\All Users\Application Data\ACD Systems
2009-01-06 22:31 . 2009-01-06 22:31 <DIR> d-------- c:\program files\Lavasoft
2009-01-06 22:31 . 2009-01-06 22:31 <DIR> d-------- c:\documents and settings\All Users\Application Data\Lavasoft
2009-01-06 22:30 . 2009-01-07 16:55 <DIR> d-------- c:\program files\Common Files\Wise Installation Wizard
2009-01-06 22:21 . 2009-01-06 22:21 <DIR> d-------- c:\program files\Valve
2009-01-06 22:10 . 2009-01-06 22:10 <DIR> d-------- c:\windows\system32\bits
2009-01-06 22:10 . 2009-01-06 23:34 <DIR> d--h----- c:\windows\$hf_mig$
2009-01-06 21:43 . 2004-08-04 00:56 438,784 --------- c:\windows\system32\xpob2res.dll
2009-01-06 21:43 . 2004-08-04 00:56 351,232 --a------ c:\windows\system32\winhttp.dll
2009-01-06 21:43 . 2004-08-04 00:56 18,944 --a------ c:\windows\system32\qmgrprxy.dll
2009-01-06 21:43 . 2004-08-04 00:56 8,192 --------- c:\windows\system32\bitsprx2.dll
2009-01-06 21:43 . 2004-08-04 00:56 7,168 --------- c:\windows\system32\bitsprx3.dll
2009-01-06 21:37 . 2009-01-06 21:37 <DIR> d---s---- c:\documents and settings\Administrator\UserData
2009-01-06 21:34 . 2008-10-16 14:12 561,688 --a------ c:\windows\system32\wuapi.dll
2009-01-06 21:34 . 2008-10-16 14:12 323,608 --a------ c:\windows\system32\wucltui.dll
2009-01-06 21:34 . 2008-10-16 14:12 213,528 --a------ c:\windows\system32\wuaucpl.cpl
2009-01-06 21:34 . 2008-10-16 14:13 202,776 --a------ c:\windows\system32\wuweb.dll
2009-01-06 21:34 . 2004-08-03 14:03 186,136 --a------ c:\windows\system32\wuaueng1.dll
2009-01-06 21:34 . 2004-08-03 14:01 167,704 --a------ c:\windows\system32\wuauclt1.exe
2009-01-06 21:34 . 2008-10-16 14:08 34,328 --a------ c:\windows\system32\wups.dll
2009-01-06 21:31 . 2009-01-06 21:31 0 --a------ c:\windows\nsreg.dat
2009-01-06 21:28 . 2009-01-06 21:28 <DIR> d-------- c:\program files\Spybot - Search & Destroy
2009-01-06 21:28 . 2009-01-06 21:29 <DIR> d-------- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-01-06 21:18 . 2009-01-06 21:18 <DIR> d-------- c:\documents and settings\Administrator\Application Data\Logitech
2009-01-06 21:15 . 2009-01-06 21:15 <DIR> d-------- c:\program files\Logitech
2009-01-06 21:15 . 2009-01-06 21:15 <DIR> d-------- c:\program files\Common Files\Logitech
2009-01-06 21:15 . 2005-01-28 13:44 1,119,744 --a------ c:\windows\system32\wmsdmoe2.dll
2009-01-06 21:07 . 2009-01-06 21:07 0 --a------ c:\windows\ativpsrm.bin
2009-01-06 21:06 . 2007-12-20 21:05 593,920 --------- c:\windows\system32\ati2sgag.exe
2009-01-06 21:06 . 2004-08-03 22:59 57,472 --a------ c:\windows\system32\drivers\redbook.sys
2009-01-06 21:06 . 2001-08-17 14:46 6,400 --a------ c:\windows\system32\drivers\enum1394.sys
2009-01-06 21:06 . 2001-08-17 14:59 3,072 --a------ c:\windows\system32\drivers\audstub.sys
2009-01-06 21:05 . 2009-01-06 20:13 <DIR> dr------- c:\documents and settings\All Users\Documents
2009-01-06 21:04 . 2009-01-07 20:10 <DIR> d-------- c:\windows\system32\CatRoot2
2009-01-06 21:04 . 2009-01-06 21:04 <DIR> d-------- c:\program files\VID_0E8F&PID_0003
2009-01-06 21:02 . 2009-01-06 20:17 261 --a------ c:\windows\system32\$winnt$.inf
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-01-06 21:21 --------- d--h--w c:\program files\InstallShield Installation Information
2009-01-06 20:10 --------- d-----w c:\documents and settings\Administrator\Application Data\ATI
2009-01-06 19:54 --------- d-----w c:\program files\My Company Name
2009-01-06 19:52 --------- d-----w c:\program files\ATI Technologies
2009-01-06 19:51 --------- d-----w c:\program files\Common Files\ATI Technologies
2009-01-06 19:44 --------- d-----w c:\program files\Common Files\InstallShield
2009-01-06 19:34 --------- d-----w c:\program files\Realtek
2009-01-06 19:20 --------- d-----w c:\program files\Intel
2009-01-06 19:15 558,142 ----a-w c:\windows\java\Packages\0FJNJ9FL.ZIP
2009-01-06 19:15 155,995 ----a-w c:\windows\java\Packages\OVRHZTND.ZIP
2009-01-06 19:15 --------- d-----w c:\program files\microsoft frontpage
2008-10-16 13:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll
2008-10-16 13:09 92,696 ----a-w c:\windows\system32\cdm.dll
2008-10-16 13:09 51,224 ----a-w c:\windows\system32\wuauclt.exe
2008-10-16 13:09 43,544 ----a-w c:\windows\system32\wups2.dll
2004-08-03 23:56 167,833 --sha-r c:\windows\system32\frsvyou.dll
.
((((((((((((((((((((((((((((( snapshot@2009-01-07_18.08.21.75 )))))))))))))))))))))))))))))))))))))))))
.
- 2004-08-03 23:56:58 208,896 ----a-w c:\windows\inf\unregmp2.exe
+ 2005-01-28 12:44:28 192,512 ----a-w c:\windows\inf\unregmp2.exe
+ 2004-08-03 23:56:42 159,232 ----a-w c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}$BACKUP$\System\cewmdm.dll
+ 2004-08-03 23:56:44 52,224 ----a-w c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}$BACKUP$\System\MsPMSNSv.dll
+ 2004-08-03 23:56:44 201,728 ----a-w c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}$BACKUP$\System\MsPMSP.dll
+ 2004-08-03 23:57:02 356,352 ----a-w c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}$BACKUP$\System\MSSCP.dll
+ 2004-08-03 23:56:46 245,760 ----a-w c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}$BACKUP$\System\MSWMDM.dll
+ 2004-08-03 23:56:48 27,136 ----a-w c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}$BACKUP$\System\WMDMLOG.dll
+ 2004-08-03 23:56:48 23,552 ----a-w c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}$BACKUP$\System\WMDMPS.dll
+ 2005-01-28 12:44:28 164,864 ----a-w c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}\cewmdm.dll
+ 2005-01-28 12:44:28 25,088 ----a-w c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}\MsPMSNSv.dll
+ 2005-01-28 12:44:28 173,568 ----a-w c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}\MsPMSP.dll
+ 2005-01-28 12:44:28 364,784 ----a-w c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}\MSSCP.dll
+ 2005-01-28 12:44:28 315,904 ----a-w c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}\MSWMDM.dll
+ 2005-01-28 12:44:28 28,160 ----a-w c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}\WMDMLOG.dll
+ 2005-01-28 12:44:28 33,792 ----a-w c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}\WMDMPS.dll
+ 2004-08-03 23:56:58 774,144 ----a-w c:\windows\RegisteredPackages\{3FDF25EE-E592-4495-8391-6E9C504DAC2B}$BACKUP$\System\setup_wm.exe
+ 2005-01-28 12:44:28 819,200 ----a-w c:\windows\RegisteredPackages\{3FDF25EE-E592-4495-8391-6E9C504DAC2B}\setup_wm.exe
+ 2004-08-03 23:56:48 20,480 ----a-w c:\windows\RegisteredPackages\{60204BB3-7078-4F70-8F69-68297621941C}$BACKUP$\System\wmpcore.dll
+ 2004-08-03 23:56:48 20,480 ----a-w c:\windows\RegisteredPackages\{60204BB3-7078-4F70-8F69-68297621941C}$BACKUP$\System\wmpui.dll
+ 2005-01-28 12:44:28 20,480 ----a-w c:\windows\RegisteredPackages\{60204BB3-7078-4F70-8F69-68297621941C}\wmpcore.dll
+ 2005-01-28 12:44:28 20,480 ----a-w c:\windows\RegisteredPackages\{60204BB3-7078-4F70-8F69-68297621941C}\wmpui.dll
+ 2005-01-28 12:44:28 47,104 ----a-w c:\windows\RegisteredPackages\{981FB688-E76B-4246-987B-92083185B90A}\uwdf.exe
+ 2005-01-28 12:44:28 15,872 ----a-w c:\windows\RegisteredPackages\{981FB688-E76B-4246-987B-92083185B90A}\wdfapi.dll
+ 2005-01-28 12:44:28 38,912 ----a-w c:\windows\RegisteredPackages\{981FB688-E76B-4246-987B-92083185B90A}\wdfmgr.exe
+ 2005-01-28 12:44:28 38,912 ----a-w c:\windows\RegisteredPackages\{981FB688-E76B-4246-987B-92083185B90A}\wpd_ci.dll
+ 2005-01-28 12:44:28 61,952 ----a-w c:\windows\RegisteredPackages\{981FB688-E76B-4246-987B-92083185B90A}\wpdconns.dll
+ 2005-01-28 12:44:28 114,176 ----a-w c:\windows\RegisteredPackages\{981FB688-E76B-4246-987B-92083185B90A}\wpdmtp.dll
+ 2005-01-28 12:44:28 331,776 ----a-w c:\windows\RegisteredPackages\{981FB688-E76B-4246-987B-92083185B90A}\wpdmtpdr.dll
+ 2005-01-28 12:44:28 66,560 ----a-w c:\windows\RegisteredPackages\{981FB688-E76B-4246-987B-92083185B90A}\wpdmtpus.dll
+ 2005-01-28 12:44:28 331,264 ----a-w c:\windows\RegisteredPackages\{981FB688-E76B-4246-987B-92083185B90A}\wpdsp.dll
+ 2005-01-28 12:44:28 10,752 ----a-w c:\windows\RegisteredPackages\{981FB688-E76B-4246-987B-92083185B90A}\wpdtrace.dll
+ 2005-01-28 12:44:28 18,944 ----a-w c:\windows\RegisteredPackages\{981FB688-E76B-4246-987B-92083185B90A}\wpdusb.sys
+ 2004-08-03 23:56:48 408,064 ----a-w c:\windows\RegisteredPackages\{A47B3654-48EE-48A5-B629-97D70175E58F}$BACKUP$\System\wmadmod.dll
+ 2004-08-03 23:56:48 759,296 ----a-w c:\windows\RegisteredPackages\{A47B3654-48EE-48A5-B629-97D70175E58F}$BACKUP$\System\wmsdmod.dll
+ 2004-08-03 23:56:48 484,864 ----a-w c:\windows\RegisteredPackages\{A47B3654-48EE-48A5-B629-97D70175E58F}$BACKUP$\System\wmspdmod.dll
+ 2004-08-03 23:56:48 809,984 ----a-w c:\windows\RegisteredPackages\{A47B3654-48EE-48A5-B629-97D70175E58F}$BACKUP$\System\wmvdmod.dll
+ 2005-01-28 12:44:28 396,528 ----a-w c:\windows\RegisteredPackages\{A47B3654-48EE-48A5-B629-97D70175E58F}\wmadmod.dll
+ 2005-01-28 12:44:28 774,904 ----a-w c:\windows\RegisteredPackages\{A47B3654-48EE-48A5-B629-97D70175E58F}\wmsdmod.dll
+ 2005-01-28 12:44:28 413,944 ----a-w c:\windows\RegisteredPackages\{A47B3654-48EE-48A5-B629-97D70175E58F}\wmspdmod.dll
+ 2005-01-28 12:44:28 1,218,808 ----a-w c:\windows\RegisteredPackages\{A47B3654-48EE-48A5-B629-97D70175E58F}\wmvadvd.dll
+ 2005-01-28 12:44:28 895,736 ----a-w c:\windows\RegisteredPackages\{A47B3654-48EE-48A5-B629-97D70175E58F}\wmvdmod.dll
+ 2004-08-03 23:56:44 6,656 ----a-w c:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}$BACKUP$\System\laprxy.dll
+ 2004-08-03 23:56:52 103,936 ----a-w c:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}$BACKUP$\System\logagent.exe
+ 2004-08-03 23:56:46 237,568 ----a-w c:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}$BACKUP$\System\qasf.dll
+ 2004-08-03 23:56:48 670,720 ----a-w c:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}$BACKUP$\System\wmadmoe.dll
+ 2004-08-03 23:56:48 230,400 ----a-w c:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}$BACKUP$\System\wmasf.dll
+ 2004-08-03 23:56:48 151,552 ----a-w c:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}$BACKUP$\System\wmidx.dll
+ 2004-08-03 23:56:48 1,050,624 ----a-w c:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}$BACKUP$\System\wmnetmgr.dll
+ 2004-08-03 23:56:48 1,119,744 ----a-w c:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}$BACKUP$\System\wmsdmoe2.dll
+ 2004-08-03 23:56:48 896,512 ----a-w c:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}$BACKUP$\System\wmspdmoe.dll
+ 2004-08-03 23:57:04 2,105,344 ----a-w c:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}$BACKUP$\System\wmvcore.dll
+ 2004-08-03 23:56:48 1,001,472 ----a-w c:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}$BACKUP$\System\wmvdmoe2.dll
+ 2005-01-28 12:44:28 6,656 ----a-w c:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\laprxy.dll
+ 2005-01-28 12:44:28 96,768 ----a-w c:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\logagent.exe
+ 2005-01-28 12:44:28 221,184 ----a-w c:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\qasf.dll
+ 2005-01-28 12:44:28 716,288 ----a-w c:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\wmadmoe.dll
+ 2005-01-28 12:44:28 224,768 ----a-w c:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\wmasf.dll
+ 2005-01-28 12:44:28 335,872 ----a-w c:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\WMDRMdev.dll
+ 2005-01-28 12:44:28 290,816 ----a-w c:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\WMDRMNet.dll
+ 2005-01-28 12:44:28 150,016 ----a-w c:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\wmidx.dll
+ 2005-01-28 12:44:28 1,027,072 ----a-w c:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\wmnetmgr.dll
+ 2005-01-28 12:44:28 1,119,744 ----a-w c:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\wmsdmoe2.dll
+ 2005-01-28 12:44:28 940,544 ----a-w c:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\wmspdmoe.dll
+ 2005-01-28 12:44:28 1,512,448 ----a-w c:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\WMVADVE.DLL
+ 2005-01-28 12:44:28 2,370,296 ----a-w c:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\wmvcore.dll
+ 2005-01-28 12:44:28 1,003,008 ----a-w c:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\wmvdmoe2.dll
+ 2004-08-03 23:56:42 286,208 ----a-w c:\windows\RegisteredPackages\{C5B8FBE9-645E-4484-A7AA-E8DA9A70DD77}$BACKUP$\System\blackbox.dll
+ 2004-08-03 23:57:06 299,520 ----a-w c:\windows\RegisteredPackages\{C5B8FBE9-645E-4484-A7AA-E8DA9A70DD77}$BACKUP$\System\drmclien.dll
+ 2004-08-03 23:56:44 87,040 ----a-w c:\windows\RegisteredPackages\{C5B8FBE9-645E-4484-A7AA-E8DA9A70DD77}$BACKUP$\System\drmstor.dll
+ 2004-08-03 23:57:04 695,296 ----a-w c:\windows\RegisteredPackages\{C5B8FBE9-645E-4484-A7AA-E8DA9A70DD77}$BACKUP$\System\drmv2clt.dll
+ 2004-08-03 23:57:02 259,072 ----a-w c:\windows\RegisteredPackages\{C5B8FBE9-645E-4484-A7AA-E8DA9A70DD77}$BACKUP$\System\msnetobj.dll
+ 2005-01-28 12:44:28 294,912 ----a-w c:\windows\RegisteredPackages\{C5B8FBE9-645E-4484-A7AA-E8DA9A70DD77}\blackbox.dll
+ 2005-01-28 12:44:28 258,296 ----a-w c:\windows\RegisteredPackages\{C5B8FBE9-645E-4484-A7AA-E8DA9A70DD77}\drmclien.dll
+ 2005-01-28 12:44:28 96,768 ----a-w c:\windows\RegisteredPackages\{C5B8FBE9-645E-4484-A7AA-E8DA9A70DD77}\drmstor.dll
+ 2005-01-28 12:44:28 502,272 ----a-w c:\windows\RegisteredPackages\{C5B8FBE9-645E-4484-A7AA-E8DA9A70DD77}\drmv2clt.dll
+ 2005-01-28 12:44:28 142,336 ----a-w c:\windows\RegisteredPackages\{C5B8FBE9-645E-4484-A7AA-E8DA9A70DD77}\msnetobj.dll
+ 2004-08-03 23:56:48 20,480 ----a-w c:\windows\RegisteredPackages\{CFB4B314-0328-45E1-94AF-45A3F5F48E0B}$BACKUP$\System\wmpcd.dll
+ 2005-01-28 12:44:28 20,480 ----a-w c:\windows\RegisteredPackages\{CFB4B314-0328-45E1-94AF-45A3F5F48E0B}\wmpcd.dll
+ 2004-08-03 23:56:00 8,192 ----a-w c:\windows\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}$BACKUP$\System\asferror.dll
+ 2004-08-03 23:56:42 28,672 ----a-w c:\windows\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}$BACKUP$\System\custsat.dll
+ 2004-08-03 23:56:52 786,432 ----a-w c:\windows\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}$BACKUP$\System\migrate.exe
+ 2004-08-03 23:56:44 368,640 ----a-w c:\windows\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}$BACKUP$\System\mpvis.dll
+ 2004-08-03 23:56:58 208,896 ----a-w c:\windows\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}$BACKUP$\System\unregmp2.exe
+ 2004-08-03 23:56:36 168,448 ----a-w c:\windows\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}$BACKUP$\System\wmerror.dll
+ 2004-08-03 23:56:48 4,874,240 ----a-w c:\windows\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}$BACKUP$\System\wmp.dll
+ 2004-08-03 23:56:48 114,688 ----a-w c:\windows\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}$BACKUP$\System\wmpasf.dll
+ 2004-08-03 23:56:48 98,304 ----a-w c:\windows\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}$BACKUP$\System\wmpband.dll
+ 2004-08-03 23:56:48 233,472 ----a-w c:\windows\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}$BACKUP$\System\wmpdxm.dll
+ 2004-08-03 23:56:58 73,728 ----a-w c:\windows\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}$BACKUP$\System\wmplayer.exe
+ 2004-08-03 23:56:38 2,940,928 ----a-w c:\windows\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}$BACKUP$\System\wmploc.dll
+ 2004-08-03 23:56:48 102,400 ----a-w c:\windows\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}$BACKUP$\System\wmpshell.dll
+ 2005-01-28 12:44:28 8,192 ----a-w c:\windows\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}\asferror.dll
+ 2005-01-28 12:44:28 484,352 ----a-w c:\windows\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}\Audiodev.dll
+ 2005-01-28 12:44:28 28,672 ----a-w c:\windows\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}\custsat.dll
+ 2005-01-28 12:44:28 991,232 ----a-w c:\windows\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}\migrate.exe
+ 2005-01-28 12:44:28 352,256 ----a-w c:\windows\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}\mpvis.dll
+ 2005-01-28 12:44:28 192,512 ----a-w c:\windows\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}\unregmp2.exe
+ 2005-01-28 12:44:28 189,440 ----a-w c:\windows\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}\wmerror.dll
+ 2005-01-28 12:44:28 122,880 ----a-w c:\windows\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}\wmlaunch.exe
+ 2005-01-28 12:44:28 5,525,504 ----a-w c:\windows\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}\wmp.dll
+ 2005-01-28 12:44:28 135,168 ----a-w c:\windows\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}\wmpasf.dll
+ 2005-01-28 12:44:28 77,824 ----a-w c:\windows\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}\wmpband.dll
+ 2005-01-28 12:44:28 282,624 ----a-w c:\windows\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}\wmpdxm.dll
+ 2005-01-28 12:44:28 28,672 ----a-w c:\windows\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}\wmpenc.exe
+ 2005-01-28 12:44:28 1,594,880 ----a-w c:\windows\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}\wmpencen.dll
+ 2005-01-28 12:44:28 73,728 ----a-w c:\windows\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}\wmplayer.exe
+ 2005-01-28 12:44:28 3,371,008 ----a-w c:\windows\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}\wmploc.dll
+ 2005-01-28 12:44:28 86,016 ----a-w c:\windows\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}\wmpshell.dll
+ 2005-01-28 12:44:28 175,104 ----a-w c:\windows\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}\wmpsrcwp.dll
- 2004-08-03 23:56:00 8,192 ----a-w c:\windows\system32\asferror.dll
+ 2005-01-28 12:44:28 8,192 ----a-w c:\windows\system32\asferror.dll
+ 2005-01-28 12:44:28 484,352 ----a-w c:\windows\system32\Audiodev.dll
- 2004-08-03 23:56:42 286,208 ----a-w c:\windows\system32\blackbox.dll
+ 2005-01-28 12:44:28 294,912 ----a-w c:\windows\system32\blackbox.dll
- 2004-08-03 23:56:42 159,232 ----a-w c:\windows\system32\cewmdm.dll
+ 2005-01-28 12:44:28 164,864 ----a-w c:\windows\system32\cewmdm.dll
+ 2005-01-28 12:44:28 8,192 -c--a-w c:\windows\system32\dllcache\asferror.dll
+ 2005-01-28 12:44:28 294,912 -c--a-w c:\windows\system32\dllcache\blackbox.dll
+ 2005-01-28 12:44:28 164,864 -c--a-w c:\windows\system32\dllcache\cewmdm.dll
+ 2005-01-28 12:44:28 28,672 -c--a-w c:\windows\system32\dllcache\custsat.dll
+ 2005-01-28 12:44:28 258,296 -c--a-w c:\windows\system32\dllcache\drmclien.dll
+ 2005-01-28 12:44:28 96,768 -c--a-w c:\windows\system32\dllcache\drmstor.dll
+ 2005-01-28 12:44:28 502,272 -c--a-w c:\windows\system32\dllcache\drmv2clt.dll
+ 2005-01-28 12:44:28 6,656 -c--a-w c:\windows\system32\dllcache\laprxy.dll
+ 2005-01-28 12:44:28 96,768 -c--a-w c:\windows\system32\dllcache\logagent.exe
+ 2005-01-28 12:44:28 991,232 -c--a-w c:\windows\system32\dllcache\migrate.exe
+ 2005-01-28 12:44:28 352,256 -c--a-w c:\windows\system32\dllcache\mpvis.dll
+ 2005-01-28 12:44:28 142,336 -c--a-w c:\windows\system32\dllcache\msnetobj.dll
+ 2005-01-28 12:44:28 25,088 -c--a-w c:\windows\system32\dllcache\mspmsnsv.dll
+ 2005-01-28 12:44:28 173,568 -c--a-w c:\windows\system32\dllcache\mspmsp.dll
+ 2005-01-28 12:44:28 364,784 -c--a-w c:\windows\system32\dllcache\msscp.dll
+ 2005-01-28 12:44:28 315,904 -c--a-w c:\windows\system32\dllcache\mswmdm.dll
+ 2005-01-28 12:44:28 221,184 -c--a-w c:\windows\system32\dllcache\qasf.dll
+ 2005-01-28 12:44:28 819,200 -c--a-w c:\windows\system32\dllcache\setup_wm.exe
+ 2005-01-28 12:44:28 192,512 -c--a-w c:\windows\system32\dllcache\unregmp2.exe
+ 2005-01-28 12:44:28 396,528 -c--a-w c:\windows\system32\dllcache\wmadmod.dll
+ 2005-01-28 12:44:28 716,288 -c--a-w c:\windows\system32\dllcache\wmadmoe.dll
+ 2005-01-28 12:44:28 224,768 -c--a-w c:\windows\system32\dllcache\wmasf.dll
+ 2005-01-28 12:44:28 28,160 -c--a-w c:\windows\system32\dllcache\wmdmlog.dll
+ 2005-01-28 12:44:28 33,792 -c--a-w c:\windows\system32\dllcache\wmdmps.dll
+ 2005-01-28 12:44:28 189,440 -c--a-w c:\windows\system32\dllcache\wmerror.dll
+ 2005-01-28 12:44:28 150,016 -c--a-w c:\windows\system32\dllcache\wmidx.dll
+ 2005-01-28 12:44:28 1,027,072 -c--a-w c:\windows\system32\dllcache\wmnetmgr.dll
+ 2005-01-28 12:44:28 5,525,504 -c--a-w c:\windows\system32\dllcache\wmp.dll
+ 2005-01-28 12:44:28 135,168 -c--a-w c:\windows\system32\dllcache\wmpasf.dll
+ 2005-01-28 12:44:28 77,824 -c--a-w c:\windows\system32\dllcache\wmpband.dll
+ 2005-01-28 12:44:28 20,480 -c--a-w c:\windows\system32\dllcache\wmpcd.dll
+ 2005-01-28 12:44:28 20,480 -c--a-w c:\windows\system32\dllcache\wmpcore.dll
+ 2005-01-28 12:44:28 282,624 -c--a-w c:\windows\system32\dllcache\wmpdxm.dll
+ 2005-01-28 12:44:28 73,728 -c--a-w c:\windows\system32\dllcache\wmplayer.exe
+ 2005-01-28 12:44:28 3,371,008 -c--a-w c:\windows\system32\dllcache\wmploc.dll
+ 2005-01-28 12:44:28 86,016 -c--a-w c:\windows\system32\dllcache\wmpshell.dll
+ 2005-01-28 12:44:28 20,480 -c--a-w c:\windows\system32\dllcache\wmpui.dll
+ 2005-01-28 12:44:28 774,904 -c--a-w c:\windows\system32\dllcache\wmsdmod.dll
+ 2005-01-28 12:44:28 1,119,744 -c--a-w c:\windows\system32\dllcache\wmsdmoe2.dll
+ 2005-01-28 12:44:28 413,944 -c--a-w c:\windows\system32\dllcache\wmspdmod.dll
+ 2005-01-28 12:44:28 940,544 -c--a-w c:\windows\system32\dllcache\wmspdmoe.dll
+ 2005-01-28 12:44:28 2,370,296 -c--a-w c:\windows\system32\dllcache\wmvcore.dll
+ 2005-01-28 12:44:28 895,736 -c--a-w c:\windows\system32\dllcache\wmvdmod.dll
+ 2005-01-28 12:44:28 1,003,008 -c--a-w c:\windows\system32\dllcache\wmvdmoe2.dll
+ 2005-01-28 12:44:28 18,944 ----a-w c:\windows\system32\drivers\wpdusb.sys
- 2004-08-03 23:57:06 299,520 ----a-w c:\windows\system32\drmclien.dll
+ 2005-01-28 12:44:28 258,296 ----a-w c:\windows\system32\drmclien.dll
- 2004-08-03 23:56:44 87,040 ----a-w c:\windows\system32\drmstor.dll
+ 2005-01-28 12:44:28 96,768 ----a-w c:\windows\system32\drmstor.dll
- 2004-08-03 23:57:04 695,296 ----a-w c:\windows\system32\drmv2clt.dll
+ 2005-01-28 12:44:28 502,272 ----a-w c:\windows\system32\drmv2clt.dll
- 2004-08-03 23:56:44 6,656 ----a-w c:\windows\system32\laprxy.dll
+ 2005-01-28 12:44:28 6,656 ----a-w c:\windows\system32\laprxy.dll
- 2004-08-03 23:56:52 103,936 ----a-w c:\windows\system32\logagent.exe
+ 2005-01-28 12:44:28 96,768 ----a-w c:\windows\system32\logagent.exe
- 2004-08-03 23:57:02 259,072 ----a-w c:\windows\system32\msnetobj.dll
+ 2005-01-28 12:44:28 142,336 ----a-w c:\windows\system32\msnetobj.dll
- 2004-08-03 23:56:44 52,224 ----a-w c:\windows\system32\mspmsnsv.dll
+ 2005-01-28 12:44:28 25,088 ----a-w c:\windows\system32\MsPMSNSv.dll
- 2004-08-03 23:56:44 201,728 ----a-w c:\windows\system32\mspmsp.dll
+ 2005-01-28 12:44:28 173,568 ----a-w c:\windows\system32\MsPMSP.dll
- 2004-08-03 23:57:02 356,352 ----a-w c:\windows\system32\msscp.dll
+ 2005-01-28 12:44:28 364,784 ----a-w c:\windows\system32\MSSCP.dll
- 2004-08-03 23:56:46 245,760 ----a-w c:\windows\system32\mswmdm.dll
+ 2005-01-28 12:44:28 315,904 ----a-w c:\windows\system32\MSWMDM.dll
- 2004-08-03 23:56:46 237,568 ----a-w c:\windows\system32\qasf.dll
+ 2005-01-28 12:44:28 221,184 ----a-w c:\windows\system32\qasf.dll
+ 2005-01-28 12:44:28 47,104 ----a-w c:\windows\system32\uwdf.exe
+ 2005-01-28 12:44:28 15,872 ----a-w c:\windows\system32\wdfapi.dll
+ 2005-01-28 12:44:28 38,912 ----a-w c:\windows\system32\wdfmgr.exe
- 2004-08-03 23:56:48 408,064 ----a-w c:\windows\system32\wmadmod.dll
+ 2005-01-28 12:44:28 396,528 ----a-w c:\windows\system32\wmadmod.dll
- 2004-08-03 23:56:48 670,720 ----a-w c:\windows\system32\wmadmoe.dll
+ 2005-01-28 12:44:28 716,288 ----a-w c:\windows\system32\wmadmoe.dll
- 2004-08-03 23:56:48 230,400 ----a-w c:\windows\system32\wmasf.dll
+ 2005-01-28 12:44:28 224,768 ----a-w c:\windows\system32\wmasf.dll
- 2004-08-03 23:56:48 27,136 ----a-w c:\windows\system32\wmdmlog.dll
+ 2005-01-28 12:44:28 28,160 ----a-w c:\windows\system32\WMDMLOG.dll
- 2004-08-03 23:56:48 23,552 ----a-w c:\windows\system32\wmdmps.dll
+ 2005-01-28 12:44:28 33,792 ----a-w c:\windows\system32\WMDMPS.dll
+ 2005-01-28 12:44:28 335,872 ----a-w c:\windows\system32\WMDRMdev.dll
+ 2005-01-28 12:44:28 290,816 ----a-w c:\windows\system32\WMDRMNet.dll
- 2004-08-03 23:56:36 168,448 ----a-w c:\windows\system32\wmerror.dll
+ 2005-01-28 12:44:28 189,440 ----a-w c:\windows\system32\wmerror.dll
- 2004-08-03 23:56:48 151,552 ----a-w c:\windows\system32\wmidx.dll
+ 2005-01-28 12:44:28 150,016 ----a-w c:\windows\system32\wmidx.dll
- 2004-08-03 23:56:48 1,050,624 ----a-w c:\windows\system32\wmnetmgr.dll
+ 2005-01-28 12:44:28 1,027,072 ----a-w c:\windows\system32\wmnetmgr.dll
- 2004-08-03 23:56:48 4,874,240 ----a-w c:\windows\system32\wmp.dll
+ 2005-01-28 12:44:28 5,525,504 ----a-w c:\windows\system32\wmp.dll
- 2004-08-03 23:56:48 114,688 ----a-w c:\windows\system32\wmpasf.dll
+ 2005-01-28 12:44:28 135,168 ----a-w c:\windows\system32\wmpasf.dll
- 2004-08-03 23:56:48 20,480 ----a-w c:\windows\system32\wmpcd.dll
+ 2005-01-28 12:44:28 20,480 ----a-w c:\windows\system32\wmpcd.dll
- 2004-08-03 23:56:48 20,480 ----a-w c:\windows\system32\wmpcore.dll
+ 2005-01-28 12:44:28 20,480 ----a-w c:\windows\system32\wmpcore.dll
- 2004-08-03 23:56:48 233,472 ----a-w c:\windows\system32\wmpdxm.dll
+ 2005-01-28 12:44:28 282,624 ----a-w c:\windows\system32\wmpdxm.dll
+ 2005-01-28 12:44:28 1,594,880 ----a-w c:\windows\system32\wmpencen.dll
- 2004-08-03 23:56:38 2,940,928 ----a-w c:\windows\system32\wmploc.dll
+ 2005-01-28 12:44:28 3,371,008 ----a-w c:\windows\system32\wmploc.dll
- 2004-08-03 23:56:48 102,400 ----a-w c:\windows\system32\wmpshell.dll
+ 2005-01-28 12:44:28 86,016 ----a-w c:\windows\system32\wmpshell.dll
+ 2005-01-28 12:44:28 175,104 ----a-w c:\windows\system32\wmpsrcwp.dll
- 2004-08-03 23:56:48 20,480 ----a-w c:\windows\system32\wmpui.dll
+ 2005-01-28 12:44:28 20,480 ----a-w c:\windows\system32\wmpui.dll
- 2004-08-03 23:56:48 759,296 ----a-w c:\windows\system32\wmsdmod.dll
+ 2005-01-28 12:44:28 774,904 ----a-w c:\windows\system32\wmsdmod.dll
- 2004-08-03 23:56:48 484,864 ----a-w c:\windows\system32\wmspdmod.dll
+ 2005-01-28 12:44:28 413,944 ----a-w c:\windows\system32\wmspdmod.dll
- 2004-08-03 23:56:48 896,512 ----a-w c:\windows\system32\wmspdmoe.dll
+ 2005-01-28 12:44:28 940,544 ----a-w c:\windows\system32\wmspdmoe.dll
+ 2005-01-28 12:44:28 1,218,808 ----a-w c:\windows\system32\wmvadvd.dll
+ 2005-01-28 12:44:28 1,512,448 ----a-w c:\windows\system32\WMVADVE.DLL
- 2004-08-03 23:57:04 2,105,344 ----a-w c:\windows\system32\wmvcore.dll
+ 2005-01-28 12:44:28 2,370,296 ----a-w c:\windows\system32\wmvcore.dll
- 2004-08-03 23:56:48 809,984 ----a-w c:\windows\system32\wmvdmod.dll
+ 2005-01-28 12:44:28 895,736 ----a-w c:\windows\system32\wmvdmod.dll
- 2004-08-03 23:56:48 1,001,472 ----a-w c:\windows\system32\wmvdmoe2.dll
+ 2005-01-28 12:44:28 1,003,008 ----a-w c:\windows\system32\wmvdmoe2.dll
+ 2005-01-28 12:44:28 38,912 ----a-w c:\windows\system32\wpd_ci.dll
+ 2005-01-28 12:44:28 61,952 ----a-w c:\windows\system32\wpdconns.dll
+ 2005-01-28 12:44:28 114,176 ----a-w c:\windows\system32\wpdmtp.dll
+ 2005-01-28 12:44:28 331,776 ----a-w c:\windows\system32\wpdmtpdr.dll
+ 2005-01-28 12:44:28 66,560 ----a-w c:\windows\system32\wpdmtpus.dll
+ 2005-01-28 12:44:28 331,264 ----a-w c:\windows\system32\wpdsp.dll
+ 2005-01-28 12:44:28 10,752 ----a-w c:\windows\system32\wpdtrace.dll
+ 2009-01-07 18:45:04 16,384 ----atw c:\windows\Temp\Perflib_Perfdata_f0.dat
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-12-22 1830128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-11-26 81000]
"RTHDCPL"="RTHDCPL.EXE" [2006-10-30 c:\windows\RTHDCPL.exe]
"SkyTel"="SkyTel.EXE" [2006-05-16 c:\windows\SkyTel.exe]
c:\documents and settings\Administrator\Start Menu\Programs\Startup\
Girder3.lnk - c:\program files\Girder\Girder.exe [2009-01-07 1830912]
PowerInstall Softcam Updater.lnk - c:\program files\FreePack\PSU\PSU.EXE [2008-10-07 57003]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2009-01-06 450560]
Server4PC.lnk - c:\program files\TechniSat DVB\bin\Server4PC.exe [2009-01-07 430080]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-12-22 11:05 356352 c:\program files\SUPERAntiSpyware\SASWINLO.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.ACDV"= ACDV.dll
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Program Files\\TechniSat DVB\\bin\\Server4PC.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"7253:TCP"= 7253:TCP:xkwwjmol
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-01-07 111184]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [2008-12-22 8944]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2008-12-22 55024]
R3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2008-12-22 7408]
R3 SKYNET;B2C2 Broadband Receiver PCI Adapter;c:\windows\system32\drivers\SkyNET.sys [2009-01-07 451816]
R3 Video3D;ASUS Video3D Service;c:\windows\system32\drivers\Video3D32.sys [2009-01-06 10752]
R4 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-01-07 20560]
R4 atidgllk;atidgllk;c:\windows\atidgllk.sys [2009-01-06 5376]
S3 SetupNTGLM7X;SetupNTGLM7X;\??\e:\ntglm7x.sys --> e:\NTGLM7X.sys [?]
S3 xzyhysqm;xzyhysqm;\??\c:\windows\system32\01.tmp --> c:\windows\system32\01.tmp [?]
S4 dztwbejgo;Microsoft Security;c:\windows\system32\svchost.exe -k netsvcs [2001-08-23 14336]
S4 hkxbzg;hkxbzg;c:\windows\system32\svchost.exe -k netsvcs [2001-08-23 14336]
S4 wqenk;Task Windows;c:\windows\system32\svchost.exe -k netsvcs [2001-08-23 14336]
--- Other Services/Drivers In Memory ---
*NewlyCreated* - UMWDF
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
hkxbzg
dztwbejgo
wqenk
.
- - - - ORPHANS REMOVED - - - -
HKCU-Run-Uniblue RegistryBooster 2009 - c:\program files\Uniblue\RegistryBooster\RegistryBooster.exe
.
------- Supplementary Scan -------
.
TCP: {AACF6E13-2B55-499D-A999-253A0FB321E6} = 93.93.93.2,194.106.162.3
O16 -: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
c:\windows\Downloaded Program Files\DirectAnimation Java Classes.osd
O16 -: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
c:\windows\Downloaded Program Files\Microsoft XML Parser for Java.osd
FF - ProfilePath - c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\0u3h6l59.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.elitesecurity.org/f101-PC-DVB-kartice
FF - plugin: c:\program files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-07 20:11:09
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\xzyhysqm]
"ImagePath"="\??\c:\windows\system32\01.tmp"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\dztwbejgo]
"ServiceDll"="c:\windows\System32\frsvyou.dll"
--
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\wqenk]
"ServiceDll"="c:\windows\system32\frsvyou.dll"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(1012)
c:\program files\SUPERAntiSpyware\SASWINLO.dll
c:\windows\system32\Ati2evxx.dll
.
Completion time: 2009-01-07 20:11:52
ComboFix-quarantined-files.txt 2009-01-07 19:11:50
ComboFix2.txt 2009-01-07 17:08:57
Pre-Run: 46,055,989,248 bytes free
Post-Run: 46,048,854,016 bytes free
450 --- E O F --- 2009-01-06 21:10:44
and it did not restart....
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:19:13 PM, on 1/7/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\RTHDCPL.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\TechniSat DVB\bin\Server4PC.exe
C:\Program Files\Girder\Girder.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Startup: Girder3.lnk = C:\Program Files\Girder\Girder.exe
O4 - Startup: PowerInstall Softcam Updater.lnk = C:\Program Files\FreePack\PSU\PSU.EXE
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Server4PC.lnk = C:\Program Files\TechniSat DVB\bin\Server4PC.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{AACF6E13-2B55-499D-A999-253A0FB321E6}: NameServer = 93.93.93.2,194.106.162.3
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
--
End of file - 3772 bytes